Privilege Escalation: Unauthorized Password Modification in Zoho ManageEngine Desktop Central

Privilege Escalation: Unauthorized Password Modification in Zoho ManageEngine Desktop Central

CVE-2022-23863 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any user's login password.

Learn more about our Cis Benchmark Audit For Desktop Software.